January 7, 2020

MWC 2020

MWC, the event formerly known as Mobile World Congress, has trotted out some familiar themes again this year; the buzzwords remain: AI and 5G. A bit further down on the list, we eventually find Security and Privacy, and we have to ask ourselves: How, in this day and age, is security in this environment still an afterthought? In fact, it ranks dead last of seven. 

Concurrently within MWC, 4YFN (4 Years From Now) will be held down the road at Montjuic. This is an event to “connect startups” with investors, experts, media, and all other manner of attendees to “launch new business ventures together.” 

Nestled within the descriptions of several of the MWC topics, one finds the term IoT, and we can’t help but wonder how many of these startups are launching new technologies and devices? How many will be part of the 5G-IoT-AI revolution? The question on our minds is: will they bake in security? Will they plan for the future of their products with security in mind? 

The main theme of the conference is, of course, Limitless Intelligent Connectivity

5G promised endless possibilities. An era of Intelligent Connectivity – the convergence of AI, Big Data, and IoT – powered by 5G. A new digitally driven industrial revolution. As new 5G rolls out, so possibilities become reality. And by connecting everyone to everything, across every industry these opportunities are without limits.

No limits? The digital industrial revolution promises to connect “everything” to “everyone,” and that may not be as much hyperbole as we think. As magnificent as this sounds, in itself there lies an admission for the necessity of new kinds of security–for security that can stand up to AI, and remain impenetrable under attack at 5G speeds. Surely we’ll hear plenty about the robust nature of blockchain, end-to-end encryption, and other IP security trends, but are these high-tech startups overlooking something more fundamental? 

MWC is meant to be less M-for-mobile in an effort to encompass and include the spectrum of communication technology used today–yet still remains “The world’s largest exhibition for the mobile industry.” Mobile networks are still potentially vulnerable to the same cast of attacks they have always been, yet this is still widely overlooked when considering “end-to-end” security for IoT. The telecom industry has learned from its past and is going to great lengths to require and standardize security as 5G systems are built, however the move to 5G is not like flipping a switch. We will not overnight abandon legacy systems in lieu of the smarter and faster 5G networks. Piece by piece, and step by step we will rely more on 5G networks, however it is a long road before we are clear of the faults inherent in SS7 and Diameter. Many players in the IoT market act as though today’s devices are somehow immune from signaling hacks (even though your smartphone is not), or assume that mobile networks the world over are secure. 

Many networks do have adequate firewalls and protections in place, but the nature of IoT is more nomadic than ever. Coverage is usually the number one deciding factor for startups when choosing a connectivity provider. Will my product work in every country on the globe? Can I ship to every continent? Many providers can meet these demands for service. But are these startups asking the right questions? Do they ask: will my users be secure in every country? Will my products be secure on every continent? Currently, there are no IoT networks that offer signaling security. The foreseeable future of IoT and 5G (and even AI) is not extricable from signaling protocols from the 1980s. In this lengthy interim, it is crucial to protect IoT devices against signaling vulnerabilities.

Categorised in:

January 7, 2020